package com.wu.shiro.jwt;

import com.wu.entity.ShiroUser;
import com.wu.service.impl.UserService;
import com.wu.util.JwtUtil;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;

/**
 * @author wuyanshen
 * @date 2019-01-14 9:52 PM
 * @discription 描述
 */
public class JwtRealm extends AuthorizingRealm {

    private static final Logger logger = LoggerFactory.getLogger(JwtRealm.class);

    @Autowired
    @Lazy
    private UserService userService;

    /**
     * 大坑！，必须重写此方法，不然Shiro会报错
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof JwtToken;
    }

    /**
     * 默认使用此方法进行用户名正确与否验证，错误抛出异常即可。
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        String token = (String) authenticationToken.getCredentials();
        // 解密获得username，用于和数据库进行对比
        ShiroUser user = JwtUtil.getUser(token);
        String username = user.getLoginName();

        if (username == null) {
            throw new AuthenticationException("token为空!");
        }

        ShiroUser userBean = userService.getUserByLoginName(username);
        if (userBean == null) {
            throw new AuthenticationException("用户名不存在");
        }

//        if (!JwtUtilOne.verify(token, username, userBean.getPassword())) {
//            throw new AuthenticationException("用户名或密码错误");
//        }

        return new SimpleAuthenticationInfo(username, user.getPassword(), getName());

    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        return authorizationInfo;
    }

    /**
     * 只有当需要检测用户权限的时候才会调用此方法，例如checkRole,checkPermission之类的
     */
//    @Override
//    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//        System.out.println("jwt Realm 准备授权...");
//        String username = JwtUtilOne.getUsername(principalCollection.toString());
//        ShiroUser user = userService.getUserByLoginName(username);
//        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
//
//        String permissions = "";
//        if ("user".equals(user.getLoginName())) {
//            simpleAuthorizationInfo.addRole("USER");
//            permissions+="add";
//        }
//
//        if ("admin".equals(user.getLoginName())) {
//            simpleAuthorizationInfo.addRole("ADMIN");
//            permissions+="add,update";
//        }
//
//        Set<String> permission = new HashSet<String>(Arrays.asList("".split(",")));
//        simpleAuthorizationInfo.addStringPermissions(permission);
//        return simpleAuthorizationInfo;
//
//    }


}
